Two important trends are evident in the field of networking. One of these trends, which concerns electronic vandalism or hacking, stimulates the use of defensive measures such as network firewalls, routers, and load balancers with filters to thwart malicious traffic. The other trend, which concerns the way that services are provided commercially, engenders network configurations where end-to-end paths through a network may originate on one side of a filtering device and terminate on the other.
Traditional network management methods, which continue to be of great importance, typically rely on network management systems that communicate with their managed network components using the Simplified Network Management Protocol (SNMP). SNMP communications are often blocked deliberately by firewalls, however, as SNMP commands may be used to disrupt unprotected network components or to probe a network's architecture and configuration details, which may be proprietary.
This can result in a situation where a customer of a service provider is unable to isolate network and application problems, because the customer cannot view network components that lie beyond the service provider's firewall. Thus there is a need for a way to enable a network management system to gather information from network components that are visible using SNMP, as well as from network components that are not visible using SNMP due to filters, and to integrate the two kinds of information in order to provide problem determination support over relevant end-to-end paths through the network.